Last active
March 31, 2018 11:06
-
-
Save mailinglists35/db9d5fbe8b1ef4d84d4e7e492c16441e to your computer and use it in GitHub Desktop.
debug fortigate ipsec
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diagnose debug application fnbamd -1 | |
| diagnose debug application ike -1 | |
| diagnose debug enable | |
| gre http://kb.fortinet.com/kb/documentLink.do?externalID=FD31182 | |
| get router info routing-table all | |
| diag system gre list | |
| diag netlink interface list | |
| get system interface | |
| diagnose sniffer packet any "icmp" 4 | |
| get vpn ipsec stats crypto | |
| get vpn ipsec stats tunnel | |
| 2 | |
| 3 | |
| 4 | |
| 5 | |
| 6 | |
| get vpn ike gateway <name> | |
| get vpn ipsec tunnel name <name> | |
| get vpn ipsec tunnel details | |
| diagnose vpn tunnel list | |
| diagnose vpn ipsec status #shows all crypto devices with counters that are used by the VPN | |
| get router info routing-table all | |
| diagnose debug reset | |
| diagnose vpn ike log-filter clear | |
| diagnose vpn ike log-filter ? | |
| diagnose vpn ike log-filter dst-addr4 1.2.3.4 | |
| diagnose debug app ike 255 #shows phase 1 and phase 2 output | |
| diagnose debug enable #after enough output, disable the debug: | |
| diagnose debug disable | |
| https://blog.webernetz.net/2015/12/21/cli-commands-for-troubleshooting-fortigate-firewalls/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment